<?php
/** 
* 模型类文件(用户模块)
* 
* 用户信息的获取和校验
* @author      sinalma  <sinalma@foxmail.com>
* @version     1.0 版本号
*/ 

namespace app\index\model;

use think\Model;
use think\Db;
use app\common\tools\Tool;
use app\common\tools\ID as IDObj;

/** 
 * Class User
 * 用户模型类 
 *
 * @package app\index\model
 * @author      sinalma  <sinalma@foxmail.com>
 * @version     1.0 版本号
 */ 
class User extends Model
{
    protected $table = 'sinblog_user_list';
    private $htpURL = '';

    /**  
     * 校验登录用户名和密码
     *
     * tips:待完善，需要考虑sql注入攻击
     * 
     * @access public 
     * @param mixed $usrn 用户名
     * @param mixed $pwd 加密后的密码
     * @return array 数组
     */
    public function check($usrn,$pwd){
        $sql = "SELECT uid,id,user_name,user_pwd from sinblog_user_list where user_name='{$usrn}' and user_pwd='{$pwd}'";
        $checkRes = $this->query($sql);
        if (count($checkRes)>=1){
            $res = $this->query("SELECT * from sinblog_user_list where user_name='{$usrn}'");
            $ip = Tool::getRealIpAddr();
            $city = Tool::getCity();
            $this->query("UPDATE sinblog_user_list set last_login_time=unix_timestamp(now()),last_login_ip='{$ip}',login_times=login_times+1,last_login_addr='{$city}' where user_name='{$usrn}'");

           	return $res[0];
        }
        return false;
    }

    /**  
     * 用户注册
     *
     * tips:待完善，需要考虑sql注入攻击
     * 
     * @access public 
     * @param mixed $usrn 用户名
     * @param mixed $pwd 加密后的密码
     * @return bool
     */
	public function register($usrn,$pwd){
        return $this->insert($usrn,$pwd);
	}


    /**  
     * 添加用户到数据库
     *
     * tips:待完善，需要考虑sql注入攻击
     * TODO:如果有两个用户同时注册,解决uid冲撞的问题
     * 方案:加入队列,以操作数据库的时间来生成uid(除了第一个用户)
     * 
     * @access public 
     * @param mixed $usrn 用户名
     * @param mixed $pwd 加密后的密码
     * @return bool
     */
	private function insert($usrn,$pwd){
        
        $checkRes = $this->query("SELECT * from sinblog_user_list where user_name='{$usrn}'");
        if (count($checkRes) >= 1){
        	// 用户名重复
        	return false;
        }

        $idobj = new IDObj();
        $uid = $idobj->getUID();

        $ip = Tool::getRealIpAddr();
        $city = Tool::getCity();
        $os = Tool::get_os();
        $browser = Tool::get_broswer();
        $device = $os." ".$browser;
        // https://cdn.v2ex.com/gravatar/594f0e38ee46673f7ab6ee9b156153dd?d=identicon
        // 保存随机头像
        $rand = mt_rand(100,299);
        $picUrl = "https://cdn.v2ex.com/gravatar/594f0e38ee46673f7ab6ee9b15{$rand}dd?d=identicon";
        $sql = "INSERT into sinblog_user_list (uid,user_name,user_pwd,profile_pic,reg_time,reg_ip,reg_addr,reg_device) values('{$uid}','{$usrn}','{$pwd}','{$picUrl}',unix_timestamp(now()),'{$ip}','{$city}','{$device}');";
        $res = $this->query($sql);
        return true;
	}


    /**  
     * 验证用户名是否存在(注册和登录皆可以调用)
     * not use
     * 
     * @access public 
     * @param ursn 用户名
     * @return bool
     */
    public function verifyUsername($ursn){
        $checkRes = $this->query("SELECT * from sinblog_user_list where user_name='{$usrn}'");
        if (count($checkRes) >= 1){
            // 用户名重复
            return false;
        }
    }

    /**  
     * 获取用户表所有字段，开发中浏览使用
     *
     * tips:待完善，需要考虑sql注入攻击
     * 
     * @access private
     */
	private function getFields(){

        $fields = array();
        $fieldStr = '';
        $res = $db->query("desc sinblog_user_list;");
        for($i=0;$i<count($res);++$i){
             $fields[] = $res[$i]['Field'];
             $fieldStr .= $res[$i]['Field'];
             $fieldStr .= ',';
        }
	}
}